security of ssh keys

Support for security such as Firewalls and securing linux
KernelOops
Posts: 428
Joined: 2013/12/18 15:04:03
Location: xfs file system

Post by KernelOops » 2019/01/13 12:38:25

Hello everyone,

I've reached a point where my ~/.ssh/ is full of important keys that give access to well over 50 servers with various stages of access. Almost all the keys have passwords, except for a few that give access to test VMs of no consequence. In addition, the partition is LUKS encrypted.

Apart from password protecting the keys, is there an additional layer of security? Like saving the keys on another system and requesting them one-by-one, or maybe an encrypted loopback device?

What are your suggestions? Does everyone leave them at ~/.ssh/?

Thank you.


PS:
There is a Linux rootkit going around that spreads itself by reading the ~/.ssh/known_hosts file and using that to auto-connect to remote systems.
--
R.I.P. CentOS :cry:
--
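
An added example, not part of the original post: a read-only audit of the two exposures the post describes, private keys stored without a passphrase and host names readable in `known_hosts`. It assumes OpenSSH's key file formats and hashed `known_hosts` entries (which start with `|1|`); the function names are hypothetical.

```python
import base64
import struct
from pathlib import Path

MAGIC = b"openssh-key-v1\0"  # header of OpenSSH's own private key format

def key_is_encrypted(text):
    """True/False for a private key file's text, None if it is not a private key."""
    lines = [l.strip() for l in text.strip().splitlines()]
    if len(lines) < 3 or not (lines[0].startswith("-----BEGIN ") and "PRIVATE KEY" in lines[0]):
        return None
    if "OPENSSH" in lines[0]:
        try:
            blob = base64.b64decode("".join(lines[1:-1]))
        except ValueError:
            return None
        if not blob.startswith(MAGIC) or len(blob) < len(MAGIC) + 4:
            return None
        off = len(MAGIC)
        (n,) = struct.unpack(">I", blob[off:off + 4])
        return blob[off + 4:off + 4 + n] != b"none"  # cipher name field
    # PKCS#8 marks encryption in the banner, legacy PEM in a Proc-Type header
    return "ENCRYPTED" in lines[0] or any(
        l.startswith("Proc-Type:") and "ENCRYPTED" in l for l in lines[1:3])

def plaintext_hosts(known_hosts_text):
    """Host names and addresses stored unhashed, readable by anything that reads the file."""
    hosts = []
    for line in known_hosts_text.splitlines():
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue
        if fields[0].startswith("@"):  # @cert-authority / @revoked marker
            fields = fields[1:]
        if fields and not fields[0].startswith("|1|"):  # |1| marks a hashed entry
            hosts.extend(fields[0].split(","))
    return hosts

def audit(ssh_dir):
    """Read-only report: unprotected key files and readable known_hosts entries."""
    ssh_dir = Path(ssh_dir)
    unprotected = []
    for p in sorted(ssh_dir.glob("*")):
        if p.is_file() and key_is_encrypted(p.read_text(errors="replace")) is False:
            unprotected.append(p.name)
    kh = ssh_dir / "known_hosts"
    hosts = plaintext_hosts(kh.read_text(errors="replace")) if kh.is_file() else []
    return {"unprotected_keys": unprotected, "plaintext_hosts": hosts}

if __name__ == "__main__":
    print(audit(Path.home() / ".ssh"))
```

The script only reads files and never asks for or tests a passphrase; it reports which keys are stored unencrypted and which hosts a reader of `known_hosts` could enumerate.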
